Re: How to deny sites

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 19 Aug 2007 15:28:31 +0200, lists.httpd-users@xxxxxxxxxxxxxxxxxx wrote:
> Hallo httpd users,
>
> Quite some time ago I had an option in my configuration which made
> it possible to deny sites when they were listed in a file in the
> form:
>         Deny from aaa.bbb.ccc.ddd
>         Deny from ppp.qqq.rrr.sss
>         &c
> That option disappeared from my configuration somehow and I can't
> find how to put it in anymore.
> Does anybody know what I'm talking about and can tell me how to
> do it?

It looks like you're referring to the .htaccess file.
Here's one I have in the sub-directory containing a message board:

$ cat .htaccess
# 403 Forbidden: Block REFERER's containing multiple URL's: SPAMMERs
RewriteEngine on
RewriteCond %{HTTP_REFERER} http.*http [NC]
RewriteRule .* - [F]

# 403 Forbidden for (some of) the spammers' trojanned botnet machines
order allow,deny
allow from all

#    Handle rDNS nets -- if available.
deny from .bbtec.net
deny from .bezeqint.net
deny from .sagonet.net

#    058/8  APNIC  (whois.apnic.net)
#    059/8  APNIC  (whois.apnic.net)
deny from 58.0.0.0/8
deny from 59.0.0.0/8

#    61/8  APNIC     (whois.apnic.net)
#    62/8  RIPE NCC  (whois.ripe.net)
deny from 61.0.0.0/8
deny from 62.0.0.0/8

#    OrgName:    Sago Networks
#    inetnum:    65.110.32.0 - 65.110.63.255
deny from 65.110.32.0/19

#    Specific machines in ARIN / LACNIC
deny from 64.246.44.4
deny from 65.165.10.1
deny from 66.139.76.245
deny from 66.165.172.163
deny from 66.192.59.18
deny from 66.228.143.9
deny from 67.128.15.151
deny from 67.128.15.151
deny from 68.250.254.137
deny from 68.81.240.5
deny from 69.119.234.228
deny from 70.234.81.185
deny from 71.145.191.48
deny from 72.232.39.162
deny from 72.32.59.213
deny from 72.36.252.178
deny from 128.121.50.31
deny from 201.28.107.230
deny from 201.34.32.42
deny from 201.36.161.104
deny from 201.38.194.188
deny from 201.57.112.148
deny from 201.80.46.24
deny from 206.222.15.114
deny from 209.6.158.223
deny from 209.51.221.58
deny from 209.147.47.74
deny from 209.190.6.194
deny from 209.190.9.26
deny from 209.190.23.50
deny from 209.190.38.42
deny from 209.190.39.210
deny from 216.144.234.2
deny from 216.144.235.139
deny from 216.27.182.198

#    080/8  RIPE NCC  (whois.ripe.net)
#    081/8  RIPE NCC  (whois.ripe.net)
#    082/8  RIPE NCC  (whois.ripe.net)
#    083/8  RIPE NCC  (whois.ripe.net)
#    084/8  RIPE NCC  (whois.ripe.net)
#    085/8  RIPE NCC  (whois.ripe.net)
#    086/8  RIPE NCC  (whois.ripe.net)
#    087/8  RIPE NCC  (whois.ripe.net)
#    088/8  RIPE NCC  (whois.ripe.net)
#    089/8  RIPE NCC  (whois.ripe.net)
#    090/8  RIPE NCC  (whois.ripe.net)
#    091/8  RIPE NCC  (whois.ripe.net)
deny from 80.0.0.0/8
deny from 81.0.0.0/8
deny from 82.0.0.0/8
deny from 83.0.0.0/8
deny from 84.0.0.0/8
deny from 85.0.0.0/8
deny from 86.0.0.0/8
deny from 87.0.0.0/8
deny from 88.0.0.0/8
deny from 89.0.0.0/8
deny from 90.0.0.0/8
deny from 91.0.0.0/8

#    121/8  APNIC  (whois.apnic.net)
#    125/8  APNIC  (whois.apnic.net)
deny from 121.0.0.0/8
deny from 125.0.0.0/8

#    inetnum:  134.157.0.0 - 134.157.255.255
#    descr:    4 Place Jussieu, 75252 Paris CEDEX  05, France
deny from 134.157.0.0/16

#    inetnum:  138.195.0.0 - 138.195.255.255
#    descr:    Ecole Centrale Paris
deny from 138.195.0.0/16

#    inetnum:  148.233/16
#    address:  01900 - Ciudad de México - DF
deny from 148.233.0.0/16

#    193/8  RIPE NCC  (whois.ripe.net)
#    194/8  RIPE NCC  (whois.ripe.net)
#    195/8  RIPE NCC  (whois.ripe.net)
deny from 193.0.0.0/8
deny from 194.0.0.0/8
deny from 195.0.0.0/8

#    inetnum:     200.37/16
#    owner:       Telefonica del Peru S.A.A.
deny from 200.37.0.0/16

#    inetnum:     200.55.96/19
#    address:     C1214ADG - Buenos Aires -
deny from 200.55.96.0/19

#    inetnum:    200.64/15
#    address:    01900 - Ciudad de México - DF
deny from 200.64.0.0/15

#    inetnum:    200.67.30/24
#    address:    01900 - Mexico DF - DF
deny from 200.67.30.0/24

#    inetnum:    200.71.60/22
#    address:    0 - Bogotá - DC
deny from 200.71.60.0/22

#    inetnum:    200.80.128/19
#    address:    C1063AB - Buenos Aires
deny from 200.80.128.0/19

#    inetnum:    200.90.188.72/29
#    address:    02 - santiago -
deny from 200.90.188.72/29

#    inetnum:    200.185.224/19
#    address:    05425-902 - São Paulo - SP
deny from 200.185.224.0/19

#    inetnum:    200.223.210.200/29
#    address:    48110-000 - Catu - BA
deny from 200.223.210.200/29

#    inetnum:    201.10/16
#    owner:      Brasil Telecom S/A - Filial Distrito Federal
deny from 201.10.0.0/16

#    202/8  APNIC  (whois.apnic.net)
#    203/8  APNIC  (whois.apnic.net)
deny from 202.0.0.0/8
deny from 203.0.0.0/8

#    210/8  APNIC  (whois.apnic.net)
#    211/8  APNIC  (whois.apnic.net)
deny from 210.0.0.0/8
deny from 211.0.0.0/8

#    213/8  RIPE NCC  (whois.ripe.net)
deny from 213.0.0.0/8

#    217/8  RIPE NCC  (whois.ripe.net)
#    218/8  APNIC  (whois.apnic.net)
#    219/8  APNIC  (whois.apnic.net)
#    220/8  APNIC  (whois.apnic.net)
#    221/8  APNIC  (whois.apnic.net)
#    222/8  APNIC  (whois.apnic.net)
deny from 217.0.0.0/8
deny from 218.0.0.0/8
deny from 219.0.0.0/8
deny from 220.0.0.0/8
deny from 221.0.0.0/8
deny from 222.0.0.0/8

ErrorDocument 403 /403.php
# In this sub-dir a 404 == a 403!
ErrorDocument 404 /403.php

-- 
Jonesy

  Marvin L Jones    | jonz          | W3DHJ  | linux
   38.24N  104.55W  |  @ config.com | Jonesy |  OS/2
    *** Killfiling google posts: <http://jonz.net/ng.htm>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux